package com.itheima.health.filter;

import lombok.extern.slf4j.Slf4j;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

/**
 * 权限校验
 */

@WebFilter(urlPatterns = "/*")
@Slf4j
public class AuthFilter implements Filter {

    //  不需登陆 就能访问的 URI
    private String[] unLoginAccessUrlList = new String[]{
            "/user/login",
            "/user/logout",
            "/common/**",
            "/mobile/**"
    };


    //  需要登录  授权访问的 URi (不在此map的, 登陆即可访问
    private Map<String,String> loginAuthUrlMap = new HashMap<>();

    //读取哪些路径需要哪些权限可以访问的列表
    private void initAuthUrlMap(){
        //正常来讲 应该把下列 接口字段 与 权限字段 在数据库里关联,
        // 现在permission表中缺少 接口列 为不动组中库 尝试在此挨个添加
        loginAuthUrlMap.put("/checkitem/add","CHECKITEM_ADD");
        loginAuthUrlMap.put("/checkitem/delete","CHECKITEM_DELETE");
        loginAuthUrlMap.put("/checkitem/edit","CHECKITEM_EDIT");
        loginAuthUrlMap.put("/checkitem/findById","CHECKITEM_QUERY");
        loginAuthUrlMap.put("/checkitem/findAll","CHECKITEM_QUERY");
        loginAuthUrlMap.put("/checkgroup/add","CHECKGROUP_ADD");
        loginAuthUrlMap.put("/checkgroup/deleteCheckGroupitemById","CHECKGROUP_DELETE");
        loginAuthUrlMap.put("/checkgroup/edit","CHECKGROUP_EDIT");
        loginAuthUrlMap.put("/checkgroup/findById","CHECKGROUP_QUERY");
        loginAuthUrlMap.put("/checkgroup/findCheckItemIdsByCheckGroupId","CHECKGROUP_QUERY");
        loginAuthUrlMap.put("/checkgroup/findAll","CHECKGROUP_QUERY");
        loginAuthUrlMap.put("/setmeal/upload","SETMEAL_ADD");
        loginAuthUrlMap.put("/setmeal/add","SETMEAL_ADD");
//        loginAuthUrlMap.put("/setmeal","SETMEAL_DELETE");
//        loginAuthUrlMap.put("/setmeal","SETMEAL_EDIT");
//        loginAuthUrlMap.put("/setmeal","SETMEAL_QUERY");
        loginAuthUrlMap.put("/ordersetting/**","ORDERSETTING");
        loginAuthUrlMap.put("/report/**","REPORT_VIEW");
//        loginAuthUrlMap.put("","MENU_ADD");
//        loginAuthUrlMap.put("","MENU_DELETE");
//        loginAuthUrlMap.put("","MENU_EDIT");
//        loginAuthUrlMap.put("","MENU_QUERY");
        loginAuthUrlMap.put("","ROLE_ADD");
        loginAuthUrlMap.put("","ROLE_DELETE");
        loginAuthUrlMap.put("","ROLE_EDIT");
        loginAuthUrlMap.put("","ROLE_QUERY");
        loginAuthUrlMap.put("","USER_ADD");
        loginAuthUrlMap.put("","USER_DELETE");
        loginAuthUrlMap.put("","USER_EDIT");
        loginAuthUrlMap.put("","USER_QUERY");
    }



    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        //初始化类
        //放入所有请求的路径
        loginAuthUrlMap.put()
    }



    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {

        //拦截所有请求
        HttpServletRequest request = (HttpServletRequest)servletRequest;
        HttpServletResponse response=(HttpServletResponse)servletResponse;
        //获取请求uri
        String uri = request.getRequestURI();
        // 1 判断是否是无需登录也可通过的uri

        // 2 判断是否登陆

        // 3 判断是否是有权限的访问



        //放行方法
        filterChain.doFilter(servletRequest,servletResponse);
    }



    @Override
    public void destroy() {

    }
}
